| kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com/ | 142.250.74.52 | 302 Found | 0 B |
URL HTTP/1.1kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com/ IP142.250.74.52:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | openphish | Outlook | | fortinet | Phishing | |
GET / HTTP/1.1
Host: kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Location: https://kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com/
X-Cloud-Trace-Context: f6c29aaba4dcfe1715fb38a540b77aca
Date: Wed, 01 Feb 2023 10:02:02 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashd2e72d45afe3d391c204b5391599607c 149d68b9d00a720b6f380fa2324779dca9dbe26d f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12200
Expires: Wed, 01 Feb 2023 13:25:22 GMT
Date: Wed, 01 Feb 2023 10:02:02 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash0c35c3ec659d3a26ea97e68d787bb043 d97e3672244efec5b7814f2d8a734cd1a9387854 4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11947
Expires: Wed, 01 Feb 2023 13:21:09 GMT
Date: Wed, 01 Feb 2023 10:02:02 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 09:36:01 GMT
content-type: application/json
age: 1561
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash09ee4b0fe6cf4ca5ed31b24452338d00 7e62b6e20f0d4737f4a8d94f9818a0883027839e 56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5037
Expires: Wed, 01 Feb 2023 11:25:59 GMT
Date: Wed, 01 Feb 2023 10:02:02 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: It4xmz26jgU20/J1QGb+P1LXWGKyH6yWMA0/HMQk2RGIw36woA6DgLnKn2xr8p3tvkpzIAN+y9I=
x-amz-request-id: HKQC2T07931VBTZ5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 09:22:36 GMT
age: 2366
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash5a05e84b227665f735ec60c670208865 208025e8d85e06c601f358e263e0ab000a904418 1c3ebe2af14480c9e799707d79adb02c689051f64e2dd4421fc5b3eca5b89ec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:02:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 10:02:02 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com/ | 142.250.74.52 | 200 OK | 15 kB |
URL HTTP/2kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com/ IP142.250.74.52:0
File typeHTML document, ASCII text, with very long lines (52799) Hash43ee54fe11d8a03dfda4cc32aec240bf b19d1d2377fc1e8effffe5045104c93fca246188 16d7a450e43e21186ee6ce628f1eda1d86acd6b6f20d7e5e93698268539440ea
Analyzer | Verdict | Alert | openphish | Outlook | | fortinet | Phishing | |
GET / HTTP/1.1
Host: kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
content-encoding: gzip
x-cloud-trace-context: 7e2bce9a28047f1d9d4dc4dfbf84af1a
vary: Accept-Encoding
date: Wed, 01 Feb 2023 10:02:02 GMT
server: Google Frontend
cache-control: private
content-length: 14560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash5a05e84b227665f735ec60c670208865 208025e8d85e06c601f358e263e0ab000a904418 1c3ebe2af14480c9e799707d79adb02c689051f64e2dd4421fc5b3eca5b89ec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:02:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| aadcdn.msftauth.net/ests/2.1/content/cdnbundles/aad.login.min_ynywyfekfmsp3ljup2epra2.js | 152.199.23.37 | 200 OK | 44 kB |
URL HTTP/2aadcdn.msftauth.net/ests/2.1/content/cdnbundles/aad.login.min_ynywyfekfmsp3ljup2epra2.js IP152.199.23.37:0
File typeASCII text, with very long lines (778) Hashed9aff44730dcc78628c87358c3610ff ee6296bdabe0e49f8378e3a318c0e3d5fac641f4 bb55d26b0410b346e0e9f9cfa8756db707a341a2f37143bd2f8cf30467611949
GET /ests/2.1/content/cdnbundles/aad.login.min_ynywyfekfmsp3ljup2epra2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com
Connection: keep-alive
Referer: https://kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 30615097
cache-control: public, max-age=31536000
content-md5: 7Zr/RHMNzHhijIc1jDYQ/w==
content-type: application/x-javascript
date: Wed, 01 Feb 2023 10:02:03 GMT
etag: 0x8D876CB187B0320
last-modified: Thu, 22 Oct 2020 20:43:13 GMT
server: ECAcc (ska/F773)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 08295444-a01e-0090-05b2-1f99e8000000
x-ms-version: 2009-09-19
content-length: 44333
X-Firefox-Spdy: h2
|
|
| aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_59_uuouser7hrkmvbaz1jw2.css | 152.199.23.37 | 200 OK | 20 kB |
URL HTTP/2aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_59_uuouser7hrkmvbaz1jw2.css IP152.199.23.37:0
File typeASCII text, with very long lines (61177) Hash6e3a82201f6b30464003c4eb38a44681 3962e31e0672345e8a2061dd8f99400d07c53fe6 1a22cd11ac7403823fd6dad25dfafeb65bb1dd01eed1723dcbf59c8de9b3d8fd
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_59_uuouser7hrkmvbaz1jw2.css HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com
Connection: keep-alive
Referer: https://kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 17049395
cache-control: public, max-age=31536000
content-md5: bjqCIB9rMEZAA8TrOKRGgQ==
content-type: text/css
date: Wed, 01 Feb 2023 10:02:03 GMT
etag: 0x8D872D16C711C33
last-modified: Sat, 17 Oct 2020 19:18:26 GMT
server: ECAcc (ska/F6B6)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: ab49b811-201e-0093-2914-9b6a88000000
x-ms-version: 2009-09-19
content-length: 19771
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 09:41:42 GMT
age: 1221
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| logincdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg | 192.229.221.185 | 200 OK | 1.4 kB |
URL HTTP/2logincdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg IP192.229.221.185:0
File typeSVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators Hash9f368bc4580fed907775f31c6b26d6cf e393a40b3e337f43057eee3de189f197ab056451 7ecbba946c099539c3d9c03f4b6804958900e5b90d48336eea7e5a2ed050fa36
GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1
Host: logincdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 1517880
cache-control: public, max-age=31536000
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
content-type: image/svg+xml
date: Wed, 01 Feb 2023 10:02:03 GMT
etag: 0x8D79ED29CF0C29A
last-modified: Wed, 22 Jan 2020 00:32:50 GMT
server: ECAcc (ska/F7B5)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: fd0c0cdd-301e-0034-1256-28f450000000
x-ms-version: 2009-09-19
content-length: 1435
X-Firefox-Spdy: h2
|
|
| outlook.office365.com/owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=494fe386-9fa1-4fbf-885f-5038fa243363 | 52.98.149.178 | 302 Found | 264 B |
URL HTTP/1.1outlook.office365.com/owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=494fe386-9fa1-4fbf-885f-5038fa243363 IP52.98.149.178:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash52bcded6ad060df3b7f25c411ea490d4 98bae55e192c1cc5b6bea81d6450136dbacf66e2 dcf760270ec58313134c7b9d11b4def7a1e3a840e6a294700736ea622c8b10e7
GET /owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=494fe386-9fa1-4fbf-885f-5038fa243363 HTTP/1.1
Host: outlook.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Location: https://outlook.office.com/owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=494fe386-9fa1-4fbf-885f-5038fa243363&pngSites=none
Server: Microsoft-IIS/10.0
request-id: 09aaedbc-7bc9-89fa-6d8f-08ddf25c3567
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Alt-Svc: h3=":443",h3-29=":443"
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: UserContext=; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
SuiteServiceProxyKey=; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
DefaultAnchorMailbox=; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
O365Consumer=; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
HostSwitchPrg=; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
SdfV2LDomain=; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
OptInPrg=; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
LI=; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
UserContext=; domain=outlook.office365.com; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
SuiteServiceProxyKey=; domain=outlook.office365.com; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
DefaultAnchorMailbox=; domain=outlook.office365.com; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
O365Consumer=; domain=outlook.office365.com; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
HostSwitchPrg=; domain=outlook.office365.com; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
SdfV2LDomain=; domain=outlook.office365.com; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
OptInPrg=; domain=outlook.office365.com; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
LI=; domain=outlook.office365.com; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
RPSAuth=; domain=outlook.office365.com; expires=Thu, 30-Oct-1980 16:00:00 GMT; path=/;SameSite=None
RPSSecAuth=; domain=outlook.office365.com; expires=Thu, 30-Oct-1980 16:00:00 GMT; path=/;SameSite=None; secure
RPSClearCT=; domain=outlook.office365.com; expires=Thu, 30-Oct-1980 16:00:00 GMT; path=/;SameSite=None; secure
X-FirstHopCafeEFZ: GVX
X-FEProxyInfo: GV3P280CA0083.SWEP280.PROD.OUTLOOK.COM
X-FEEFZInfo: GVX
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 10:02:02 GMT
Content-Length: 264
|
|
| aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico | 152.199.23.37 | 200 OK | 17 kB |
URL HTTP/2aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico IP152.199.23.37:0
File typeMS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data Hash12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 21281215
cache-control: public, max-age=31536000
content-md5: EuPayFgGHQiAI7K9SOL6lg==
content-type: image/x-icon
date: Wed, 01 Feb 2023 10:02:03 GMT
etag: 0x8D8731240E548EB
last-modified: Sun, 18 Oct 2020 03:02:30 GMT
server: ECAcc (ska/F738)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 99c0ded5-501e-0046-2297-74c4e6000000
x-ms-version: 2009-09-19
content-length: 17174
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash22b9916fc1fafc9bdc9bb37f9eac8a9a 86f640e134a741a0f906a8e3a0f5c6659dd0e394 a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10457
Expires: Wed, 01 Feb 2023 12:56:20 GMT
Date: Wed, 01 Feb 2023 10:02:03 GMT
Connection: keep-alive
|
|
| res-1.cdn.office.net/shellux/suiteux.shell.msaltokenfactoryiframe.c8ed55a2f40c1d5f04e9.js | 95.101.10.209 | 200 OK | 82 kB |
URL HTTP/2res-1.cdn.office.net/shellux/suiteux.shell.msaltokenfactoryiframe.c8ed55a2f40c1d5f04e9.js IP95.101.10.209:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (26620) Hashc438664aefe6f39e9e79e30513eee672 61d872081606a15de43d77b9a5a5491a0371ba61 345bb60d7a84f2719080ccaf1e48d24880ab07594ffc2f91b2df380a6217238a
GET /shellux/suiteux.shell.msaltokenfactoryiframe.c8ed55a2f40c1d5f04e9.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webshell.suite.office.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 81797
last-modified: Tue, 18 Oct 2022 19:50:00 GMT
x-ms-request-id: a274f6cc-401e-0050-6ae1-e73dc7000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 01 Feb 2023 10:02:03 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 54.191.251.76 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.191.251.76:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DDZ47TIxW1RlllHw7dVuBw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lxyyAWxQWXEyvKkknH7+Y8su5+8=
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3152
Expires: Wed, 01 Feb 2023 10:54:36 GMT
Date: Wed, 01 Feb 2023 10:02:04 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3152
Expires: Wed, 01 Feb 2023 10:54:36 GMT
Date: Wed, 01 Feb 2023 10:02:04 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3152
Expires: Wed, 01 Feb 2023 10:54:36 GMT
Date: Wed, 01 Feb 2023 10:02:04 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg | 34.120.237.76 | 200 OK | 5.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2998f7f50ac0eec931c348e8a0fb0c60 f5e411cda74cb7fb4a662f4787e9543b9749c8b5 0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 64EbarGrn6AIpXOE8TIfiBeGFQinx-P9lUIvmiQ1ivZgFrxl7_W4EQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 10:37:05 GMT
age: 84299
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg | 34.120.237.76 | 200 OK | 16 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4bb3a6fba496d54cdbbccaf2b9600386 8e30002699e9fbf2047f9ac11a36d2175fc9c591 927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:27:41 GMT
age: 9263
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg | 34.120.237.76 | 200 OK | 9.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3366ef4f8733cb9c89a5c88f63a0a441 7da46843b6d885f38a4759a08e6c899906ab7b97 7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 27126
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg | 34.120.237.76 | 200 OK | 9.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe4354120b504a8b1d1c3f4e206eb4611 ba854dec74347525b20dbf3b4e5c13876d56aa1c bc921fe78a71864819998207c13b5c3ca7913275a4503119c5d105ad7827c377
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9282
x-amzn-requestid: f448477b-b445-46fa-8aee-8c5c527ee95b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feqp8FuToAMFxDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5be3f-30fbf0dd70d17878651809a0;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 00:30:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XGTtVMp42cyJ-Xmh0D-ECG50tJe_AZWIir602PjdJ1CwsAygJpbJyA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 04:00:34 GMT
age: 21690
etag: "ba854dec74347525b20dbf3b4e5c13876d56aa1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash23db22ce2120fbb0ae6109e1a046062d 2068c8d9a5bc30a17be658e198e26c64a80703cf f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XtqfgDxskGIUmZdRj2nrGDpo9KvECk528eLZV29xNx3h7CLOu49mnQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:19 GMT
age: 44385
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg | 34.120.237.76 | 200 OK | 8.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash27e95b7912edc909d6b031e36fe83534 eb27fae0bb17dbe0929a620002195233ef50c1d0 b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 13:15:35 GMT
age: 74789
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.office.com/logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363 | 13.107.6.156 | 200 OK | 0 B |
URL HTTP/2www.office.com/logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363 IP13.107.6.156:0 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363 HTTP/1.1
Host: www.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: OH.SID=9fd9bc7e-dd8f-4b78-91f3-3ad5ea4d1b53; path=/; secure; samesite=none; httponly
OH.DCAffinity=OH-noe; expires=Wed, 01 Feb 2023 18:02:03 GMT; path=/; secure; samesite=none; httponly
OH.FLID=cbb29e9f-9d1d-45e6-97cb-bf76f0cd794b; expires=Thu, 01 Feb 2024 10:02:03 GMT; path=/; secure; samesite=none; httponly
UserIndex=; expires=Tue, 31 Jan 2023 10:02:03 GMT; path=/; secure; samesite=none; httponly
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge,chrome=1
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F181DF7B993D4256AE29FB57EAA784BC Ref B: SVG20EDGE0218 Ref C: 2023-02-01T10:02:03Z
date: Wed, 01 Feb 2023 10:02:02 GMT
X-Firefox-Spdy: h2
|
|
| www.microsoft365.com/logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363&from=logout | 13.107.6.156 | 200 OK | 0 B |
URL HTTP/2www.microsoft365.com/logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363&from=logout IP13.107.6.156:0 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363&from=logout HTTP/1.1
Host: www.microsoft365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.office.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: OH.SID=bb39eb0f-6535-4bde-a739-8560acd106d1; path=/; secure; samesite=none; httponly
OH.DCAffinity=OH-noe; expires=Wed, 01 Feb 2023 18:02:03 GMT; path=/; secure; samesite=none; httponly
OH.FLID=06db4e17-3709-40cf-9b19-1acba59eb246; expires=Thu, 01 Feb 2024 10:02:03 GMT; path=/; secure; samesite=none; httponly
UserIndex=; expires=Tue, 31 Jan 2023 10:02:03 GMT; path=/; secure; samesite=none; httponly
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge,chrome=1
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 1150E64DEF3B47BBBBCA82382B0AC8ED Ref B: SVG20EDGE0218 Ref C: 2023-02-01T10:02:03Z
date: Wed, 01 Feb 2023 10:02:03 GMT
X-Firefox-Spdy: h2
|
|
| aadcdn.msftauth.net/ests/2.1/content/cdnbundles/jquery.1.11.min__yok_chwseypwbmuffnnaa2.js | 152.199.23.37 | 200 OK | 0 B |
URL HTTP/2aadcdn.msftauth.net/ests/2.1/content/cdnbundles/jquery.1.11.min__yok_chwseypwbmuffnnaa2.js IP152.199.23.37:0
GET /ests/2.1/content/cdnbundles/jquery.1.11.min__yok_chwseypwbmuffnnaa2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com
Connection: keep-alive
Referer: https://kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 18121402
cache-control: public, max-age=31536000
content-md5: rh/aFGJ6VR89aDdTZ7hodQ==
content-type: application/x-javascript
date: Wed, 01 Feb 2023 10:02:03 GMT
etag: 0x8D876CB2080AB77
last-modified: Thu, 22 Oct 2020 20:43:26 GMT
server: ECAcc (ska/F7B9)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 36fc386b-b01e-0072-3e54-91ee33000000
x-ms-version: 2009-09-19
content-length: 38927
X-Firefox-Spdy: h2
|
|
| webshell.suite.office.com/iframe/TokenFactoryIframe/Logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363 | 52.111.209.6 | 200 OK | 0 B |
URL HTTP/2webshell.suite.office.com/iframe/TokenFactoryIframe/Logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363 IP52.111.209.6:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /iframe/TokenFactoryIframe/Logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363 HTTP/1.1
Host: webshell.suite.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Wed, 01 Feb 2023 10:02:02 GMT
server: Kestrel
cache-control: private,max-age=3600
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
content-security-policy: default-src 'none'; frame-src *; script-src https://res-1.cdn.office.net https://shell.cdn.office.net 'nonce-wsgMJ3U2GBREKgDDPMQehcd/HuNUoEzDDMFeaUoAiyc=' 'unsafe-inline'; connect-src *;
cross-origin-resource-policy: cross-origin
x-o365suiteuxshell-correlationid: 447d6af2-5775-4ef8-ac22-3d733c743c0f
X-Firefox-Spdy: h2
|
|
| outlook.office.com/owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=494fe386-9fa1-4fbf-885f-5038fa243363&pngSites=none | 52.98.149.162 | 200 OK | 0 B |
URL HTTP/2outlook.office.com/owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=494fe386-9fa1-4fbf-885f-5038fa243363&pngSites=none IP52.98.149.162:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=494fe386-9fa1-4fbf-885f-5038fa243363&pngSites=none HTTP/1.1
Host: outlook.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kallenbachsteffenruhlamat-dot-azure-projectfiles.uk.r.appspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private
content-type: image/gif
server: Microsoft-IIS/10.0
request-id: eb5cc55a-9f9e-8448-a4f5-690f5cf607bf
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443",h3-29=":443"
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-aspnet-version: 4.0.30319
set-cookie: UserContext=; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
SuiteServiceProxyKey=; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
DefaultAnchorMailbox=; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
O365Consumer=; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
HostSwitchPrg=; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
SdfV2LDomain=; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
OptInPrg=; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
LI=; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
UserContext=; domain=outlook.office.com; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
SuiteServiceProxyKey=; domain=outlook.office.com; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
DefaultAnchorMailbox=; domain=outlook.office.com; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
O365Consumer=; domain=outlook.office.com; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
HostSwitchPrg=; domain=outlook.office.com; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
SdfV2LDomain=; domain=outlook.office.com; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
OptInPrg=; domain=outlook.office.com; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
LI=; domain=outlook.office.com; expires=Mon, 01-Feb-1993 10:02:03 GMT; path=/; secure
RPSAuth=; domain=outlook.office.com; expires=Thu, 30-Oct-1980 16:00:00 GMT; path=/;SameSite=None
RPSSecAuth=; domain=outlook.office.com; expires=Thu, 30-Oct-1980 16:00:00 GMT; path=/;SameSite=None; secure
RPSClearCT=; domain=outlook.office.com; expires=Thu, 30-Oct-1980 16:00:00 GMT; path=/;SameSite=None; secure
x-firsthopcafeefz: GVX
x-feproxyinfo: GV3P280CA0005.SWEP280.PROD.OUTLOOK.COM
x-feefzinfo: GVX
x-powered-by: ASP.NET
date: Wed, 01 Feb 2023 10:02:02 GMT
X-Firefox-Spdy: h2
|
|